2019 Threat Intelligence Report

What’s inside the Report

Rewterz Threat Intelligence Report 2019 includes findings of our Security Operation Center (SOC) teams that monitored and identified cyberattacks. Our team also analyzed global cyber security threats through our threat intelligence gathering platform to bring forth this valuable real-time data to equip organizations against cyberattacks beforehand.

The impact of such attacks can be huge on an organization, ranging from disruption of critical operations to extreme financial losses. Therefore, to cope with growing techniques of cyber-crimes, our SOC team uses most advanced threat intelligence and manages the real-time data of threat landscape through our Security Orchestration Automation and Response (SOAR) platform, SIRP.

Through this report, we aim to share and dissipate knowledge about sophisticated threats and advanced attacker practices in use on the Internet today. This report enables readers to gain clear insight on the nature of the threats currently faced by organizations operating in the cyber world.

Based on data collected from our attack sensors, the key findings of attacks towards Pakistan include:

• The cyberspaces of USA and Russia are launching the highest number of cyberattacks.
• 40% of the detected cyberattacks targeted Port 443 (HTTPS).
• Most of the critical vulnerabilities were found in web servers.
• Windows Installer Package MSI Execution was used to deploy highest number of different malware while WannaCry Ransomware continues to be the most used ransomware in cyberattacks.
• About 40% of malicious emails are spam whereas 29% malicious emails attempt credential theft by redirecting to phishing sites.
• Breaching of online transactions continues to be a major threat vector.
• 28.9% of the cyberattacks are directed towards payment services.
• Apache struts2 parameters interceptor Remote Command Execution was the most common exploit detected.
• More than half of the web application attacks were that of Illegal Resource Access.